URLs that will be granted access to perform the device attestation during SAML authentication

This policy configures which URLs will be granted access to use remote attestation of device identity during the SAML flow on the sign-in screen.

Specifically, if a URL matches one of the patterns provided through this policy, it will be allowed to receive a HTTP header containing a response to a remote attestation challenge, attesting device identity and device state.

If this policy is not set or is set to an empty list, no URL is allowed to use remote attestation on the sign-in screen.

URLs must have HTTPS scheme, e.g. "https://example.com".

Example value:

https://www.example.com/
https://[*.]example.edu/

Supported on: At least Microsoft Windows 7 or Windows Server 2008 family

URLs that will be granted access to perform the device attestation during SAML authentication

Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Google\ChromeOS\DeviceWebBasedAttestationAllowedUrls
Value Name{number}
Value TypeREG_SZ
Default Value

chromeos.admx

Administrative Templates (Computers)

Administrative Templates (Users)